Skip to content

Add Mcp-Session-Id header to HTTP MCP server requests#177

Merged
lpcox merged 3 commits intomainfrom
copilot/fix-missing-session-id-header
Jan 12, 2026
Merged

Add Mcp-Session-Id header to HTTP MCP server requests#177
lpcox merged 3 commits intomainfrom
copilot/fix-missing-session-id-header

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Jan 12, 2026
edited
Loading

HTTP MCP servers require the Mcp-Session-Id header for request authentication, but the gateway was not propagating it, causing 400 errors from servers like safeinputs.

Changes

  • Connection layer: Modified SendRequestWithServerID to accept context.Context and extract session ID from context to include as Mcp-Session-Id header in HTTP requests
  • Context key management: Defined SessionIDContextKey in internal/mcp package to avoid circular dependencies; re-exported in internal/server for backward compatibility
  • Call sites: Updated all invocations in unified.go and server.go to pass request context through to connection layer

Implementation

// Extract session ID from context and add header
if sessionID, ok := ctx.Value(SessionIDContextKey).(string); ok && sessionID != "" {
    httpReq.Header.Set("Mcp-Session-Id", sessionID)
}

The session ID flows from the HTTP request → context → connection layer → HTTP backend, enabling proper authentication with HTTP MCP servers.

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 2 commits January 12, 2026 01:07
@lpcox
Add Mcp-Session-Id header support for HTTP MCP servers
d634a45 
- Modified Connection.SendRequestWithServerID to accept context parameter
- Extract session ID from context in sendHTTPRequest method
- Add Mcp-Session-Id header to HTTP requests when session ID is available
- Updated all call sites in unified.go and server.go to pass context
- All unit tests passing

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
@lpcox
Add comprehensive tests for Mcp-Session-Id header
4e52a6d 
- Created connection_test.go with 3 test cases
- Tests verify session ID header is added to HTTP requests
- Tests verify configured headers are preserved
- Tests verify behavior without session ID
- All tests passing, including agent-finished checks

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix HTTP 400 error due to missing Mcp-Session-Id header Add Mcp-Session-Id header to HTTP MCP server requests Jan 12, 2026
Copilot AI requested a review from lpcox January 12, 2026 01:11
@lpcox lpcox marked this pull request as ready for review January 12, 2026 01:12
@lpcox lpcox merged commit c08aea6 into main Jan 12, 2026
3 checks passed
@lpcox lpcox deleted the copilot/fix-missing-session-id-header branch January 12, 2026 01:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lpcox lpcox Awaiting requested review from lpcox

Assignees

@lpcox lpcox

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lpcox